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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 
Listing of Claims: 

1 . (Currently Amended) A data transmission controlling method for controlling 
transmission of data from data transmitting means to data receiving means over at least first and 
second communication channels, said data transmission controlling method comprising the steps 
of: 

transmitting data encrypted by said data transmitting means to said data receiving means 
over said first communication channel provided for data transmission from said data transmitting 
means to said data receiving means,, 

wherein prior to transmitting said encrypted data over said first communication channel 
said data transmitting means encapsulates data to be transmitted from said data transmitting 
means to data receiving means in accordance with a plurality of protocols, 

wherein at least one of said data capsules resulting from the encapsulation is encrypted, 

and 

wherein said data transmitting means supplements an encrypted data section with a 
section header containing destination address information ; and 

transmitting restrictive data transmission control information to said data receiving means 
over said second communication channel having a smaller capacity of data transmission than 
said first communication channel, 

wherein said restrictive data transmission control information transmitted over said 
second communication channel is operating to allow only intended data receiving means to 
receive the encrypted data, and is configured to substantially simplify decryption of the 
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encrypted data transmitted over said first communication channel. 

2. (Original) A data transmission controlling method according to claim 1, wherein said 
second communication channel is a communication channel permitting bidirectional 
communication between said data transmitting means and said data receiving means. 

3. (Original) A data transmission controlling method according to claim 1, wherein said 
data transmitting means performs data encryption using an encryption key and wherein said 
encrypted data from said data transmitting means are decrypted by said data receiving means 
utilizing a decryption key identical to said encryption key used in the data encryption. 

4. (Original) A data transmission controlling method according to claim 3, wherein said 
encryption key and said decryption key are session keys for encrypting and decrypting 
information and data. 

5. (Original) A data transmission controlling method according to claim 4, wherein said 
session keys are updated at predetermined intervals. 

6. (Original) A data transmission controlling method according to claim 4, wherein said 
data transmitting means and said data receiving means have a master key specific to said data 
receiving means; 

wherein said data transmitting means encrypts said session keys using said master key 
and transmits the encrypted session keys to said data receiving means over either said first 

3 00310087 



' PATENT 

Appl. No. 09/309,412 

Attorney Docket No. 450100-4879 

communication channel or said second communication channel; and 

wherein said data receiving means decrypts said encrypted session keys received using 
said master key. 

7. (Original) A data transmission controlling method according to claim 6, wherein said 
data transmitting means possesses said session keys corresponding to all data receiving means 
authorized to receive specific information and data; and 

wherein said data transmitting means transmits in advance said session keys to said data 
receiving means authorized to receive specific information and data. 

8. (Original) A data transmission controlling method according to claim 1, wherein said 
first communication channel is a satellite link permitting unidirectional communication from said 
data transmitting means to said data receiving means; and 

wherein said second communication channel is a communication channel permitting 
bidirectional communication between said data transmitting means and said data receiving 
means. 

9. (Original) A data transmission controlling method according to claim 1 ? wherein said 
data receiving means is constituted as an IP router. 

10. (Original) A data transmission controlling method according to claim 1, wherein said 
data receiving means is constituted as a bridge. 
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1 1 . (Currently Amended) A data transmission system comprising: 
data transmitting means for encrypting and transmitting data; 

data receiving means for receiving said encrypted data from said data transmitting means; 

a first communication channel used to transmit said encrypted data from said data 
transmitting means to said data receiving means,, 

wherein prior to transmitting said encrypted data over said first communication channel 
said data transmitting means encapsulates data to be transmitted from said data transmitting 
means to data receiving means in accordance with a plurality of protocols, 

wherein at least one of said data capsules resulting from the encapsulation is encrypted, 

and 

wherein said data transmitting means supplements an encrypted data section with a 
section header containing destination address information ; and 

a second communication channel having a smaller capacity of data transmission than said 
first communication channel, said second communication channel used to transmit restrictive 
data transmission control information to said data receiving means, 

wherein said restrictive data transmission control information transmitted over said 
second communication channel is operating to allow only intended data receiving means to 
receive said encrypted data, and is configured to substantially simplify decryption of said 
encrypted data transmitted over said first communication channel. 

12. (Original) A data transmission system according to claim 11, wherein said data 
transmitting means performs data encryption using an encryption key and wherein said encrypted 
data from said data transmitting means are decrypted by said data receiving means utilizing a 
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decryption key identical to said encryption key used in the data encryption. 

13. (Original) A data transmission system according to claim 12, wherein said 
encryption key and said decryption key are session keys for encrypting and decrypting 
information and data. 

14. (Original) A data transmission system according to claim 13, wherein said session 
keys are updated at predetermined intervals. 

15. (Original) A data transmission system according to claim 13, wherein said data 
transmitting means and said data receiving means have a master key specific to said data 
receiving means; 

wherein said data transmitting means encrypts said session keys using said master key 
and transmits the encrypted session keys to said data receiving means over either said first 
communication channel or said second communication channel; and 

wherein said data receiving means decrypts said encrypted session keys received using 
said master key. 

16. (Original) A data transmission system according to claim 15, wherein said data 
transmitting means possesses said session keys corresponding to all data receiving means 
authorized to receive specific information and data; and 

wherein said data transmitting means transmits in advance said session keys to said data 
receiving means authorized to receive specific information and data. 
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17. (Original) A data transmission system according to claim 1 1 , wherein said first 
communication channel is a satellite link permitting unidirectional communication from said 
data transmitting means to said data receiving means. 

18. (Original) A data transmission system according to claim 11, wherein said data 
receiving means is constituted as an IP router. 

19. (Original) A data transmission system according to claim 1 1 , wherein said data 
receiving means is constituted as a bridge. 
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